<!doctype html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="description" content="coinfaces">

        <title>设置 HTTP Basic Auth</title>

    <link rel="stylesheet" href="../theme/css/style.css">
    <link rel="stylesheet" href="../theme/css/pygments.css">



</head>

<body>
    <div class="content">
<h1>设置 HTTP Basic Auth</h1>    <p>
        under
            <a href="../tags/apache/">Apache</a>
            <a href="../tags/nginx/">Nginx</a>
    </p>
    <p>
        in <a href="../categories/uncategorized/">Uncategorized</a>
    </p>
    <p>Published: 2019-04-02</p>


    <!-- wp:heading -->

<h2>创建 htpasswd 文件</h2>
<!-- /wp:heading -->

<!-- wp:paragraph -->

<p>无论是 apache2 还是 nginx，都通过 htpasswd 命令来创建用户验证数据文件：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="err">apt-get install apache2-utils</span>
<span class="err">sudo htpasswd -c /path/to/htpasswd_file username</span>
</code></pre></div>


<!-- /wp:code -->

<!-- wp:heading -->

<h2>apache2 的设置</h2>
<!-- /wp:heading -->

<!-- wp:paragraph -->

<p>在 apache2 中，在需要使用 HTTP Basic Auth 的目录中，添加 .htaccess
文件，内容如下：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="err">AuthType Basic</span>
<span class="err">AuthName &quot;Please input password to continue&quot;</span>
<span class="err">AuthBasicProvider file</span>
<span class="err">AuthUserFile &quot;/path/to/htpasswd&quot;</span>
<span class="err">Require user username  # Only user &quot;username&quot; is allowed to login</span>
</code></pre></div>


<!-- /wp:code -->

<!-- wp:paragraph -->

<p>前提是在 apache2 的配置文件 /etc/apache2/apache2.conf
中，设置了允许该目录中的 .htaccess 文件的设置用户验证选项：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="nt">&lt;Directory</span> <span class="err">/some/path</span><span class="nt">&gt;</span>
  AllowOverride AuthConfig
<span class="nt">&lt;/Directory&gt;</span>
</code></pre></div>


<!-- /wp:code -->

<!-- wp:paragraph -->

<p>如果子目录中不需要用户验证，可以在其 .htaccess 文件中关闭用户验证：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="err">AuthType None</span>
<span class="err">Require all granted</span>
</code></pre></div>


<!-- /wp:code -->

<!-- wp:heading -->

<h2>nginx 的设置</h2>
<!-- /wp:heading -->

<!-- wp:paragraph -->

<p>在 nginx 的虚拟站点配置文件中，设置特定目录下的内容需要 HTTP Basic Auth
用户验证：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="err">location /some/url/ {</span>
<span class="err">    auth_basic &quot;Please input password to continue&quot;;</span>
<span class="err">    auth_basic_user_file /path/to/htpasswd;</span>
<span class="err">}</span>
</code></pre></div>


<!-- /wp:code -->

<!-- wp:paragraph -->

<p>关闭特定目录的 HTTP Basic Auth 用户验证：</p>
<!-- /wp:paragraph -->

<!-- wp:code -->

<div class="highlight"><pre><span></span><code><span class="err">location /some/url/public/ {</span>
<span class="err">    auth_basic off;</span>
<span class="err">}</span>
</code></pre></div>


<!-- /wp:code -->
    </div>
<nav class="nav sidebar">
    <div class="siteinfo">
        <div class="sitename"><a href="..">coinfaces</a></div>
        <div class="tagline">Another Side of Life</div>
    </div>

        <a href="../categories/">categories</a>
        <a href="..">&larr; Home</a>
</nav><footer class="footer">
    <span>
        &copy; jpli &middot;
        under <a rel="license" href="http://creativecommons.org/licenses/by-sa/4.0/">CC-BY-SA 4.0</a>
    </span>
    |
    <span>
        Powered by:
        <a href="http://blog.getpelican.com/">Pelican</a>
    </span>
</footer></body>
</html>